[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ossec-dev] Re: Redirecting alerts to different recipients

To: ossec-dev@xxxxxxxxxxxxxxxx
Subject: [ossec-dev] Re: Redirecting alerts to different recipients
From: "Daniel Cid" <dcid@xxxxxxxxx>
Date: Sun, 6 May 2007 18:01:46 -0300
Cc: "paul sery" <pgsery@xxxxxxxx>
Content-disposition: inline
Content-transfer-encoding: 7bit


Hi Paul,

Is that what you are looking for (granular e-mail alerting)?

http://www.ossec.net/dcid/?p=75

Hope it helps.

--
Daniel B. Cid
dcid ( at ) ossec.net

On 5/6/07, paul sery <pgsery@xxxxxxxx> wrote:


Hey,

  I want to direct ossec alerts to the person managing the machine on
which it occurred. I'm managing a central logging system and am feeding
its event stream into an ossec instance. I've cobbled together a simple
active-response script that uses the IP parameter to send the alert ID
to the appropriate person, but also would also like to send the log
messages that triggered the alert -- like you get in the e-mail alerts.
Is there any way of getting that info to the active-response mechanism?
Or perhaps I'm missing an obvious way to do the distribution.

Thanks,
Paul

Follow-Ups:
- [ossec-dev] Re: Redirecting alerts to different recipients
  - From: paul sery

References:
- [ossec-dev] Redirecting alerts to different recipients
  - From: paul sery

Prev by Date: [ossec-dev] Redirecting alerts to different recipients
Next by Date: [ossec-dev] OSSEC v1.2 BETA1 available -- testers needed!
Previous by thread: [ossec-dev] Redirecting alerts to different recipients
Next by thread: [ossec-dev] Re: Redirecting alerts to different recipients
Index(es):
- Date
- Thread

OSSEC home | Main Index | Thread Index

OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.